A role-based access control model for information mediation

Li Yang, Raimund K. Ege, Onyeka Ezenwoye, Qasem Kharma

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

With the increasing demands for data integration and exchange among distributed heterogeneous sources, many applications require secure interoperation and the information sharing. Mediation techniques provide an extended amalgamation of searching and querying in heterogeneous systems, but enlarge the space of possible threats to local data sources. How to encourage data sharing while enforce required protection to resources is a challenging problem. Traditional access control mechanisms and methods are inadequate to reflect the heterogeneous environment and the flexible access control requirements. This paper presents a mediation security architecture for information integration based on role-based access control (RBAC). An adorned XML model (AXM) is used to homogenize security data modeling. Security requirements of mediation systems are specified by constraints over various RBAC dimensions. An incremental security enforcement method is proposed to integrate RBAC modules into the mediation architecture. The method supports adaptive and scalable design of secure mediation systems.

Original languageEnglish (US)
Title of host publicationProceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004
EditorsA.M. Memon, N. Zhao
Pages277-282
Number of pages6
StatePublished - Dec 1 2004
Externally publishedYes
EventProceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004 - Las Vegas, NV, United States
Duration: Nov 8 2004Nov 10 2004

Other

OtherProceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004
CountryUnited States
CityLas Vegas, NV
Period11/8/0411/10/04

Fingerprint

Access control
Data integration
Electronic data interchange
XML
Data structures

Keywords

  • Mediation system
  • Role-based access control
  • Security

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Yang, L., Ege, R. K., Ezenwoye, O., & Kharma, Q. (2004). A role-based access control model for information mediation. In A. M. Memon, & N. Zhao (Eds.), Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004 (pp. 277-282)

A role-based access control model for information mediation. / Yang, Li; Ege, Raimund K.; Ezenwoye, Onyeka; Kharma, Qasem.

Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004. ed. / A.M. Memon; N. Zhao. 2004. p. 277-282.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yang, L, Ege, RK, Ezenwoye, O & Kharma, Q 2004, A role-based access control model for information mediation. in AM Memon & N Zhao (eds), Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004. pp. 277-282, Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004, Las Vegas, NV, United States, 11/8/04.
Yang L, Ege RK, Ezenwoye O, Kharma Q. A role-based access control model for information mediation. In Memon AM, Zhao N, editors, Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004. 2004. p. 277-282
Yang, Li ; Ege, Raimund K. ; Ezenwoye, Onyeka ; Kharma, Qasem. / A role-based access control model for information mediation. Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004. editor / A.M. Memon ; N. Zhao. 2004. pp. 277-282
@inproceedings{cb159a71135a480083a9beb52f6ce2f1,
title = "A role-based access control model for information mediation",
abstract = "With the increasing demands for data integration and exchange among distributed heterogeneous sources, many applications require secure interoperation and the information sharing. Mediation techniques provide an extended amalgamation of searching and querying in heterogeneous systems, but enlarge the space of possible threats to local data sources. How to encourage data sharing while enforce required protection to resources is a challenging problem. Traditional access control mechanisms and methods are inadequate to reflect the heterogeneous environment and the flexible access control requirements. This paper presents a mediation security architecture for information integration based on role-based access control (RBAC). An adorned XML model (AXM) is used to homogenize security data modeling. Security requirements of mediation systems are specified by constraints over various RBAC dimensions. An incremental security enforcement method is proposed to integrate RBAC modules into the mediation architecture. The method supports adaptive and scalable design of secure mediation systems.",
keywords = "Mediation system, Role-based access control, Security",
author = "Li Yang and Ege, {Raimund K.} and Onyeka Ezenwoye and Qasem Kharma",
year = "2004",
month = "12",
day = "1",
language = "English (US)",
isbn = "0780388194",
pages = "277--282",
editor = "A.M. Memon and N. Zhao",
booktitle = "Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004",

}

TY - GEN

T1 - A role-based access control model for information mediation

AU - Yang, Li

AU - Ege, Raimund K.

AU - Ezenwoye, Onyeka

AU - Kharma, Qasem

PY - 2004/12/1

Y1 - 2004/12/1

N2 - With the increasing demands for data integration and exchange among distributed heterogeneous sources, many applications require secure interoperation and the information sharing. Mediation techniques provide an extended amalgamation of searching and querying in heterogeneous systems, but enlarge the space of possible threats to local data sources. How to encourage data sharing while enforce required protection to resources is a challenging problem. Traditional access control mechanisms and methods are inadequate to reflect the heterogeneous environment and the flexible access control requirements. This paper presents a mediation security architecture for information integration based on role-based access control (RBAC). An adorned XML model (AXM) is used to homogenize security data modeling. Security requirements of mediation systems are specified by constraints over various RBAC dimensions. An incremental security enforcement method is proposed to integrate RBAC modules into the mediation architecture. The method supports adaptive and scalable design of secure mediation systems.

AB - With the increasing demands for data integration and exchange among distributed heterogeneous sources, many applications require secure interoperation and the information sharing. Mediation techniques provide an extended amalgamation of searching and querying in heterogeneous systems, but enlarge the space of possible threats to local data sources. How to encourage data sharing while enforce required protection to resources is a challenging problem. Traditional access control mechanisms and methods are inadequate to reflect the heterogeneous environment and the flexible access control requirements. This paper presents a mediation security architecture for information integration based on role-based access control (RBAC). An adorned XML model (AXM) is used to homogenize security data modeling. Security requirements of mediation systems are specified by constraints over various RBAC dimensions. An incremental security enforcement method is proposed to integrate RBAC modules into the mediation architecture. The method supports adaptive and scalable design of secure mediation systems.

KW - Mediation system

KW - Role-based access control

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=16244410510&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=16244410510&partnerID=8YFLogxK

M3 - Conference contribution

SN - 0780388194

SP - 277

EP - 282

BT - Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004

A2 - Memon, A.M.

A2 - Zhao, N.

ER -